mirror of
https://github.com/systemd/systemd.git
synced 2024-11-07 01:27:11 +03:00
67321fdf3e
With this "sudo ./run-integration-tests.sh" should work fully without exception, even on systems lacking SELinux (in which case that test will just be skipped)
112 lines
3.5 KiB
Bash
Executable File
112 lines
3.5 KiB
Bash
Executable File
#!/bin/bash
|
|
# -*- mode: shell-script; indent-tabs-mode: nil; sh-basic-offset: 4; -*-
|
|
# ex: ts=8 sw=4 sts=4 et filetype=sh
|
|
set -e
|
|
TEST_DESCRIPTION="SELinux tests"
|
|
TEST_NO_NSPAWN=1
|
|
|
|
# Requirements:
|
|
# Fedora 23
|
|
# selinux-policy-targeted
|
|
# selinux-policy-devel
|
|
|
|
# Check if selinux-policy-devel is installed, and if it isn't bail out early instead of failing
|
|
test -d /usr/share/selinux/devel || exit 0
|
|
|
|
. $TEST_BASE_DIR/test-functions
|
|
SETUP_SELINUX=yes
|
|
KERNEL_APPEND="$KERNEL_APPEND selinux=1 security=selinux"
|
|
|
|
test_setup() {
|
|
create_empty_image
|
|
mkdir -p $TESTDIR/root
|
|
mount ${LOOPDEV}p1 $TESTDIR/root
|
|
|
|
# Create what will eventually be our root filesystem onto an overlay
|
|
(
|
|
LOG_LEVEL=5
|
|
eval $(udevadm info --export --query=env --name=${LOOPDEV}p2)
|
|
|
|
setup_basic_environment
|
|
|
|
# setup the testsuite service
|
|
cat <<EOF >$initdir/etc/systemd/system/testsuite.service
|
|
[Unit]
|
|
Description=Testsuite service
|
|
After=multi-user.target
|
|
|
|
[Service]
|
|
ExecStart=/test-selinux-checks.sh
|
|
Type=oneshot
|
|
EOF
|
|
|
|
cat <<EOF >$initdir/etc/systemd/system/hola.service
|
|
[Service]
|
|
Type=oneshot
|
|
ExecStart=/bin/echo Start Hola
|
|
ExecReload=/bin/echo Reload Hola
|
|
ExecStop=/bin/echo Stop Hola
|
|
RemainAfterExit=yes
|
|
EOF
|
|
|
|
setup_testsuite
|
|
|
|
cat <<EOF >$initdir/etc/systemd/system/load-systemd-test-module.service
|
|
[Unit]
|
|
Description=Load systemd-test module
|
|
DefaultDependencies=no
|
|
Requires=local-fs.target
|
|
Conflicts=shutdown.target
|
|
After=local-fs.target
|
|
Before=sysinit.target shutdown.target autorelabel.service
|
|
ConditionSecurity=selinux
|
|
ConditionPathExists=|/.load-systemd-test-module
|
|
|
|
[Service]
|
|
ExecStart=/bin/sh -x -c 'echo 0 >/sys/fs/selinux/enforce && cd /systemd-test-module && make -f /usr/share/selinux/devel/Makefile load && rm /.load-systemd-test-module'
|
|
Type=oneshot
|
|
TimeoutSec=0
|
|
RemainAfterExit=yes
|
|
EOF
|
|
|
|
touch $initdir/.load-systemd-test-module
|
|
mkdir -p $initdir/etc/systemd/system/basic.target.wants
|
|
ln -fs load-systemd-test-module.service $initdir/etc/systemd/system/basic.target.wants/load-systemd-test-module.service
|
|
|
|
local _modules_dir=/var/lib/selinux
|
|
rm -rf $initdir/$_modules_dir
|
|
if ! cp -ar $_modules_dir $initdir/$_modules_dir; then
|
|
dfatal "Failed to copy $_modules_dir"
|
|
exit 1
|
|
fi
|
|
|
|
local _policy_headers_dir=/usr/share/selinux/devel
|
|
rm -rf $initdir/$_policy_headers_dir
|
|
inst_dir /usr/share/selinux
|
|
if ! cp -ar $_policy_headers_dir $initdir/$_policy_headers_dir; then
|
|
dfatal "Failed to copy $_policy_headers_dir"
|
|
exit 1
|
|
fi
|
|
|
|
mkdir $initdir/systemd-test-module
|
|
cp systemd_test.te $initdir/systemd-test-module
|
|
cp systemd_test.if $initdir/systemd-test-module
|
|
cp test-selinux-checks.sh $initdir
|
|
dracut_install -o sesearch
|
|
dracut_install runcon
|
|
dracut_install checkmodule semodule semodule_package m4 make /usr/libexec/selinux/hll/pp load_policy sefcontext_compile
|
|
) || return 1
|
|
|
|
# mask some services that we do not want to run in these tests
|
|
ln -s /dev/null $initdir/etc/systemd/system/systemd-hwdb-update.service
|
|
ln -s /dev/null $initdir/etc/systemd/system/systemd-journal-catalog-update.service
|
|
ln -s /dev/null $initdir/etc/systemd/system/systemd-networkd.service
|
|
ln -s /dev/null $initdir/etc/systemd/system/systemd-networkd.socket
|
|
ln -s /dev/null $initdir/etc/systemd/system/systemd-resolved.service
|
|
|
|
ddebug "umount $TESTDIR/root"
|
|
umount $TESTDIR/root
|
|
}
|
|
|
|
do_test "$@"
|